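Kubernetes Super-Introduction (Vagrant / CentOS 7) - (4) Creating a Pod
Creating a Pod
Continuation of "Kubernetes Super-Introduction (Vagrant / CentOS 7) - (3) Node Configuration"
In the Kubernetes environment built so far, let's create a Pod that provides an HTTP service
In vSphere terms, I think of a Pod as a cluster
Picture the containers living inside the Pod
A Pod can be created from a YAML file
First, create a working directory to hold the YAML file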
$ mkdir pod_test
$ cd pod_test/
Create the YAML file
The YAML file is the blueprint for building the Pod
This time, the Pod is created from an image called "httpd" (obtained from the Red Hat site)
$ vi pod-httpd.yaml
$ cat pod-httpd.yaml
apiVersion: v1
kind: Pod
metadata:
  name: httpd
  labels:
    app: httpd
spec:
  containers:
  - name: httpd
    image: httpd
    ports:
    - containerPort: 80
Create the Pod from the YAML file written above
$ kubectl create -f pod-httpd.yaml
pod "httpd" created
On checking, the Pod stays in the creating state ("ContainerCreating") and does not progress
$ kubectl get pods
NAME      READY     STATUS              RESTARTS   AGE
httpd     0/1       ContainerCreating   0          11s
Check the status
$ kubectl describe pods
Name:           httpd
Namespace:      default
Node:           kubenodea/192.168.33.11
Start Time:     Mon, 14 Oct 2019 08:31:02 +0000
Labels:         app=httpd
Status:         Pending
IP:
Controllers:    <none>
Containers:
  httpd:
    Container ID:
    Image:              httpd
    Image ID:
    Port:               80/TCP
    State:              Waiting
      Reason:           ContainerCreating
    Ready:              False
    Restart Count:      0
    Volume Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-831zm (ro)
    Environment Variables:      <none>
Conditions:
  Type          Status
  Initialized   True
  Ready         False
  PodScheduled  True
Volumes:
  default-token-831zm:
    Type:       Secret (a volume populated by a Secret)
    SecretName: default-token-831zm
QoS Class:      BestEffort
Tolerations:    <none>
Events:
  FirstSeen  LastSeen  Count  From                 SubObjectPath  Type     Reason      Message
  ---------  --------  -----  ----                 -------------  -------- ------      -------
  55s        55s       1      {default-scheduler } Normal   Scheduled   Successfully assigned httpd to kubenodea
  54s        14s       3      {kubelet kubenodea}  Warning  FailedSync  Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
  25s        2s        2      {kubelet kubenodea}  Warning  FailedSync  Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
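The message says "/etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory"
Fix the error by following this reference
http://hylom.net/centos-redhat-registry-certs-error
The certificate needs to be installed
Note: some articles said to install "python-rhsm", but that did not work for me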
$ sudo yum -y install wget
$ sudo wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
$ sudo rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee redhat-uep.pem
$ sudo mv redhat-uep.pem /etc/rhsm/ca/
Note: do this on the master server and on every node
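A check to run on each node after the certificate step, as an added example that is not part of the original article: it reports registry CA entries under Docker's certs.d tree that are dangling symlinks (the state behind the "no such file or directory" error), empty (what `tee` leaves behind when the download or cpio extraction produced nothing), or not PEM. The function name `check_registry_cas` is hypothetical, and the example assumes, as the error and the fix together imply, that `redhat-ca.crt` is a symlink into /etc/rhsm/ca/.

```shell
#!/bin/sh
# Added example, not from the original article.
# Prints one line per CA entry: "<STATUS> <path> [-> <symlink target>]".
# Returns 0 only when every entry is a readable, non-empty PEM file.
check_registry_cas() {
    certs_dir=${1:-/etc/docker/certs.d}
    problems=0
    for ca in "$certs_dir"/*/*.crt; do
        # Skip the literal pattern when the glob matched nothing
        [ -e "$ca" ] || [ -L "$ca" ] || continue
        if [ -L "$ca" ] && [ ! -e "$ca" ]; then
            # Symlink whose target file does not exist
            echo "DANGLING $ca -> $(readlink "$ca")"
            problems=$((problems + 1))
        elif [ ! -s "$ca" ]; then
            # File exists but has zero bytes
            echo "EMPTY $ca"
            problems=$((problems + 1))
        elif ! grep -q -- '-----BEGIN CERTIFICATE-----' "$ca"; then
            # Something was written, but it is not a PEM certificate
            echo "NOT_PEM $ca"
            problems=$((problems + 1))
        else
            echo "OK $ca"
        fi
    done
    [ "$problems" -eq 0 ]
}

# Stand-alone use: sh check_cas.sh /etc/docker/certs.d
if [ "$#" -gt 0 ]; then
    check_registry_cas "$1"
fi
```

The RPM in the procedure is fetched over plain HTTP, so running `rpm -K` on the downloaded file before extracting from it confirms its signature against the CentOS key already imported on the host.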
Once the certificate is installed on every node, go back to working on the master server
Delete the Pod created earlier and try again
$ kubectl delete pod httpd
$ kubectl create -f pod-httpd.yaml
pod "httpd" created
After a while the status became "Running"
$ kubectl get pods
NAME      READY     STATUS              RESTARTS   AGE
httpd     0/1       ContainerCreating   0          17s
$ kubectl get pods
NAME      READY     STATUS    RESTARTS   AGE
httpd     1/1       Running   0          3m
The earlier error is gone as well
$ kubectl describe pods
Name:           httpd
Namespace:      default
Node:           kubenodeb/192.168.33.12
Start Time:     Mon, 14 Oct 2019 09:46:15 +0000
Labels:         app=httpd
Status:         Pending
IP:
Controllers:    <none>
Containers:
  httpd:
    Container ID:
    Image:              httpd
    Image ID:
    Port:               80/TCP
    State:              Waiting
      Reason:           ContainerCreating
    Ready:              False
    Restart Count:      0
    Volume Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-831zm (ro)
    Environment Variables:      <none>
Conditions:
  Type          Status
  Initialized   True
  Ready         False
  PodScheduled  True
Volumes:
  default-token-831zm:
    Type:       Secret (a volume populated by a Secret)
    SecretName: default-token-831zm
QoS Class:      BestEffort
Tolerations:    <none>
Events:
  FirstSeen  LastSeen  Count  From                 SubObjectPath  Type     Reason      Message
  ---------  --------  -----  ----                 -------------  -------- ------      -------
  10s        10s       1      {default-scheduler } Normal   Scheduled   Successfully assigned httpd to kubenodeb
"Node: kubenodeb/192.168.33.12" shows that the Pod is running on kubenodeb
Log in to kubenodeb and check the containers
% vagrant ssh kubenodeb
Last login: Mon Oct 14 09:44:38 2019 from 10.0.2.2
[vagrant@localhost ~]$ sudo docker ps -a
CONTAINER ID   IMAGE                                                        COMMAND              CREATED         STATUS         PORTS   NAMES
d54b9059dc91   httpd                                                        "httpd-foreground"   3 minutes ago   Up 3 minutes           k8s_httpd.d6c52e8f_httpd_default_7f073335-ee67-11e9-a9fb-525400c9c704_82e5654e
1b9df3648786   registry.access.redhat.com/rhel7/pod-infrastructure:latest   "/usr/bin/pod"       3 minutes ago   Up 3 minutes           k8s_POD.a8590b41_httpd_default_7f073335-ee67-11e9-a9fb-525400c9c704_a15faff0
The "kubectl get pod" command retrieves the Pod's details
Note: run it on the host where kubectl is configured (the master server in this setup)
$ kubectl get pod httpd -o yaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: 2019-10-14T09:46:29Z
  labels:
    app: httpd
  name: httpd
  namespace: default
  resourceVersion: "11120"
  selfLink: /api/v1/namespaces/default/pods/httpd
  uid: 7f073335-ee67-11e9-a9fb-525400c9c704
spec:
  containers:
  - image: httpd
    imagePullPolicy: Always
    name: httpd
    ports:
    - containerPort: 80
      protocol: TCP
    resources: {}
    terminationMessagePath: /dev/termination-log
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: default-token-831zm
      readOnly: true
  dnsPolicy: ClusterFirst
  nodeName: kubenodeb
  restartPolicy: Always
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30
  volumes:
  - name: default-token-831zm
    secret:
      defaultMode: 420
      secretName: default-token-831zm
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: 2019-10-14T09:46:15Z
    status: "True"
    type: Initialized
  - lastProbeTime: null
    lastTransitionTime: 2019-10-14T09:47:10Z
    status: "True"
    type: Ready
  - lastProbeTime: null
    lastTransitionTime: 2019-10-14T09:46:29Z
    status: "True"
    type: PodScheduled
  containerStatuses:
  - containerID: docker://d54b9059dc91472a17c0164194c9a5027d872236791cb365e75a40b9769fa032
    image: httpd
    imageID: docker-pullable://docker.io/httpd@sha256:39d7d9a3ab93c0ad68ee7ea237722ed1b0016ff6974d80581022a53ec1e58797
    lastState: {}
    name: httpd
    ready: true
    restartCount: 0
    state:
      running:
        startedAt: 2019-10-14T09:47:10Z
  hostIP: 192.168.33.12
  phase: Running
  podIP: 172.17.41.2
  startTime: 2019-10-14T09:46:15Z
"podIP: 172.17.41.2" gives the Pod's IP address
Try accessing the Pod over HTTP
% vagrant ssh kubenodeb
Last login: Mon Oct 14 09:50:19 2019 from 10.0.2.2
[vagrant@localhost ~]$
[vagrant@localhost ~]$ curl 172.17.41.2
<html><body><h1>It works!</h1></body></html>
This shows that the HTTP service started without problems
That's all.